Console Login
Docs / Security Controls

Control map

This map ties each security claim to a specific control, decision flow, and evidence output.

Security Model Evidence Model Export Packs

How to use

1. Review control

Understand the control definition.

2. Verify implementation

Confirm evidence output exists.

3. Export proof

Generate evidence for auditors.

4. Monitor drift

Track changes to control posture.

Execution controls

Least-privilege execution

Explicit scopes, permitted actors, and deny-by-default enforcement.

Fail-closed enforcement

Missing decisions or timeouts always result in DENY.

Execution guardrails

Budgets, approvals, and regulatory constraints.

Identity + access

Identity and access

Role-based access, scoped credentials, and dual control.

Data protection

Data minimization, retention controls, and access boundaries.

Audit + evidence

Immutable audit trail

Evidence hashes, decision records, and tamper-evident storage.

Evidence and audit

Exportable records for auditors and regulators.

Key API endpoints

GET /compliance/controls — control map snapshot

Evidence outputs

Control map export
Evidence mapping